Business Email Compromise scams (BEC or BES) are a lucrative way for cybercriminals to gain high value credentials and commit fraud. Losses resulting from BEC scams surpassed 5 billion dollars this year and rising. BEC scams target groups and individuals by masquerading as legitimate services and organizations. Recent activity in Iceland involves the use of a fake website with ties to a larger infrastructure of domains designed for use in BEC scams. In this incident over 100 people were victimized with the use of the fake website, tricking victims into giving up financial credentials. These scams are difficult to defend against because they rely on social engineering and deceit instead of malware that can be detected by early warning software. The best defense against BEC scams is information sharing and networking...READ MORE
Wapack Labs has cataloged and reported on Business Email Compromise scams in the past. An archive of related reporting can be found in the Red Sky Alliance portal.
This TLP AMBER report is available only to Red Sky Alliance members.